The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.

Tuesday, July 26, 2005

Users who visit the Microsoft website looking for patches and upgrades will find their computers and software being probed as part of an attempt to crack down on priated software. To be eligible for patches (other than security fixes), software will audit to see if "U R Legit". No surprise, but there are some concerns about privacy when Microsoft rummages through your PC, particularly after other companies have covertly collected personal information through similar means.

"It sets an extremely negative precedent," Pam Dixon, executive director of World Privacy Forum, a non-profit public-interest research centre in San Diego, said of the company's initiative. "Microsoft is saying, 'Before I let you do anything at all, you have to open your computer to us.' I really object to this."

The company will scan machines for a variety of information, including product keys or software authorization codes, operating-system version and details on the flow of data between the operating system and other hardware, such as printers.

It is access to this information that particularly upsets the privacy advocates. Ms. Dixon says the only information Microsoft needs to fight piracy is the product key and the operating-system version, and she says that Microsoft will be able to identify users uniquely based on some of the information the company collects.

"They are grabbing more information than they need to deter piracy," she said.

...

Microsoft said no personal data will be collected during the validation process, and information will remain completely anonymous. The company said it commissioned TÜV-ITÖ, an independent German security auditor, to test how well its Windows Genuine Advantage program protects customers' data, and the firm concluded that Microsoft does not collect any personal information that would allow it to identify or contact a user.

Please note that I am only able to provide legal advice to clients of my firm. If you have a privacy matter, please contact me about becoming a client. I am not able to provide free legal advice. Any unsolicited information sent to David Fraser may not be protected by solicitor-client privilege.

The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Due to professional ethics, the author may not be able to comment on matters in which a client has an interest. Nothing herein should be used as a substitute for the advice of competent counsel.

This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.